United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
I nilid Stall-, l'atint and Trademark Office 

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. 



I0/H02.072 



FILING DATE 



O.V I 0/200-4 



FIRST NAMED INVENTOR 



Leemon C. Baird II 



25007 7590 07/02/2008 

LAW OFFICE OF DALE B. HALLING, LLC 
655 SOUTHPOINTE CT, SUITE 100 
COLORADO SPRINGS, CO 80906 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



TRAORE, FA'I ( H M.V1 A 



PAPER NUMBER 



DELIVERY MODE 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



l/ffflrC? nVrliUli Otfff Iff ids y 


Application No. 

10/802,073 


Applicant(s) 
BAIRD ET AL. 


Examiner 

FATOUMATA TRAORE 


Art Unit 

2136 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )□ Responsive to communication(s) filed on 07 March 2008 . 
2a )^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 50-70 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |EI Claim(s) 50-70 is/are rejected. 

7) 0 Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attach ment(s) 

1) ^| Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5 ) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 



PTOL-T26 d (Rev e 08-06r 



Office Action Summary 



Part of Paper No./Mail Date 20080624 



Application/Control Number: 10/802,073 Page 2 

Art Unit: 2136 

DETAILED ACTION 

1 . This action is in response of the petition for revival of unintentionally abandoned 
application filed March 7, 2008, which cancelled claim 1 ; Claims 2-49 were previously 
cancelled; Claims 50-70 have been added; Claims 5-70 are pending and have been 
considered below. 

Specification 

2. The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: claim 70 recites the limitation of "means for" there is no 
antecedent basis in the specification. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

4. Claim 70 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

5. Claim 70 is drawn to a computer program per se. The applicant appears to be 
attempting to describe the component of the device by using "means for" language. 
However, the Examiner notes that the only "means" for performing these cited functions 
in the specification appears to be computer programs modules. A computer program is 
not a series of steps or acts and this is not a process. A computer program is not a 
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physical article or object and as such is not a machine or manufacture. A computer 
program is not a combination of substances and therefore not a compilation of matter. 
Thus, a computer program by itself does not fall within any of the four categories of 
invention. Therefore, Claim 70 is not statutory. 

Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

7. Claims 50-52, 55-56, 60-62, 65-66 and 70 are rejected under 35 U.S.C. 1 02(b) 
as being anticipated by Gullman et al (US 5,280,527). 

Claims 50, 60 and 70. Gullman et al discloses a device for providing a user with 
a secure access to a network resource and a method for authenticating a user to 
a device, comprising: 

A memory storing data related to at least one of accounts and preferences 
(memory stores a template of authorized user) (column 2, lines 48-55); and 
A processor coupled to the memory(F/g. 2), the processor authenticating the user 
with the device by verifying a device password and a user biometric that are 
specific to the device (upon entry of the cardholder's biometric information, the 
processor executes the verification algorithm) (column 2, lines 53-55) and 
transmitting a resource password (to/cen)to establish a connection to the network 
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resource, the resource password being unknown to the user and specific to the 
network resource [the verification algorithm uses the template data, the biometric 
input, a fixed code (i.e., PIN embedded serial number, account number) and 
time-varying self-generated information to derive a token output. In an alternative 
embodiment, the token output is transmitted directly to the host system through a 
direct data communication line, eliminating the need for manual entry by the 
user) (column 2, lines 55-65). 

Claims 51 and 61. Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 50 and 60 above, and further discloses wherein the user is 
granted access to the memory upon verification (the access device 12 transmits 
the token to the host 10 which decrypts or decodes the token to derive the fixed 
code and correlation factor. If the fixed code identifies a valid user and the 
correlation factor is above the threshold level, then access is permitted) (column 
6, lines 37-45). 

Claims 52 and 62. Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 51 and 61 above, and further discloses wherein a duress 
password is entered for the verification, the duress password being 
predetermined to be used when an access to the device is intended to be 
denied(/n other embodiments, the security apparatus need not notify the user 
that the biometric entry was invalid. Instead an invalid token is displayed, so that 
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upon input to the access device 12 access to the host system 10 is denied and 
the host is informed of an access attempt) (column 3, lines 50-55). 
Claim 55 and 65: Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 50 and 60 above, and further discloses wherein the user 
biometric is at least one of a path and a speed era use of an input device, a 
fingerprint description, an iris scan, and a voice print (column 3, lines 55-67; 
column 5, lines 42-55). 

Claims 56 and 66: Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 55 and 65 above, and further discloses wherein the path and 
the speed of the use of the input device include a signature of the device 
password to combine the device password and the biometric for the 
verification (column 3, lines 55-67; column 5, lines 42-55). 



Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 54, 57-59, 64 and 67-69 are rejected under 35 U.S.C. 103(a) as being 



unpatentable over Gullman et al (US 5,280,527) in view of Chou et al (US 5,638,444). 
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Claims 54 and 64: Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 50 and 61 above, but does not explicitly discloses wherein 
the data of the memory is encrypted, the data being decrypted with a device 
dependent key specific to the device. However, Chou et al discloses a secure 
computer communication method and device, which further discloses wherein 
the data of the memory is encrypted, the data being decrypted with a device 
dependent key specific to the device (column 1, lines 20-65). Therefore, it would 
have been obvious to one having ordinary skill in the art at the time the invention 
was made to modify the teaching of Gullman et al such as to decrypt the data by 
using a device dependant key. One would have been motivated to do so in order 
to provide secure and ciphered communication between any types of computer 
as taught by Chou et al (column 1, lines 5-10). 

Claims 57 and 67. Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 50 and 60 above, but does not explicitly disclose that a true 
random number generator generating the resource password. However, Chou et 
al discloses a secure computer communication method and device, which further 
discloses that a true random number generator generating the resource 
password (column 1, lines 34-40; Fig. 2). Therefore, it would have been obvious 
to one having ordinary skill in the art at the time the invention was made to 
modify the teaching of Gullman et al such as to use a random number generator 
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to generate the session key. One would have been motivated to do so in order 
to provide secure and ciphered communication between any types of computer 
as taught by Chou et al (column 1, lines 5-10). 

Claims 58 and 68: Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 50 and 60 above, but does not explicitly discloses wherein 
the resource password is generated at a predetermined time for the access to 
the network resource. 

However, Chou et al discloses a secure computer communication method and 
device, which further discloses wherein the resource password is generated at a 
predetermined time for the access to the network resource {Fig. 2). Therefore, it 
would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify the teaching of Gullman et al such as to generate 
the resource password at a predetermined time. One would have been 
motivated to do so in order to provide secure and ciphered communication 
between any types of computer as taught by Chou et al (column 1 , lines 5-1 0). 
Claims 59 and 69: Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 55 and 60 above, but does not explicitly discloses wherein 
communications with the network resource are encrypted. However, Chou et al 
discloses a secure computer communication method and device, which further 
discloses wherein communications with the network resource are encrypted 
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(column 1, lines 20-65). Therefore, it would have been obvious to one having 
ordinary skill in the art at the time the invention was made to modify the teaching 
of Gullman et al such as to encrypt the communication with the network 
resource. One would have been motivated to do so in order to provide secure 
and ciphered communication between any types of computer as taught by Chou 
et al (column 1 , lines 5-1 0). 



10. Claims 53 and 63 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gullman et al (US 5,280,527) in view of Orton et a I (US 6,684,261 ). 

Claims 53 and 63: Gullman et al discloses a device for providing a user with a 
secure access to a network resource and a method for authenticating a user to a 
device, as in claims 52 and 62 above, but does not explicitly discloses wherein 
the entry of the duress password replaces the data of the memory with non- 
sensitive data. However, Chou et al discloses a secure computer communication 
method and device, which further discloses wherein the entry of the duress 
password replaces the data of the memory with non-sensitive data [column 19, 
lines 25-45). Therefore, it would have been obvious to one having ordinary skill in 
the art at the time the invention was made to modify the teaching of Gullman et al 
such as to replace sensitive data with non sensitive Upton a entering a duress 
password. One would have been motivated to do so in order to provide data 
integrity 
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Conclusion 

1 1 . Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fatoumata Traore whose telephone number is (571) 
270-1685. The examiner can normally be reached Monday through Thursday from 7:00 
a.m. to 4:00 p.m. and every other Friday from 7:30 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nassar G. Moazzami, can be reached on (571) 272 4195. The fax phone 
number for Formal or Official faxes to Technology Center 2100 is (571 ) 273-8300. Draft 
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or Informal faxes, which will not be entered in the application, may be submitted directly 
to the examiner at (571) 270-2685. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the Group Receptionist whose telephone number is 
(571)272-2100. 

FT 

Wednesday June 25, 2008 



/Nasser G Moazzami/ 

Supervisory Patent Examiner, Art Unit 2136 



